Total
253940 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0077 | 1 Sun | 1 Cluster | 2024-02-04 | 5.0 MEDIUM | N/A |
The clustmon service in Sun Cluster 2.x does not require authentication, which allows remote attackers to obtain sensitive information such as system logs and cluster configurations. | |||||
CVE-2000-1046 | 1 Lotus | 1 Domino | 2024-02-04 | 10.0 HIGH | N/A |
Multiple buffer overflows in the ESMTP service of Lotus Domino 5.0.2c and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via long (1) "RCPT TO," (2) "SAML FROM," or (3) "SOML FROM" commands. | |||||
CVE-1999-1220 | 1 Great Circle Associates | 1 Majordomo | 2024-02-04 | 7.5 HIGH | N/A |
Majordomo 1.94.3 and earlier allows remote attackers to execute arbitrary commands when the advertise or noadvertise directive is used in a configuration file, via shell metacharacters in the Reply-To header. | |||||
CVE-2003-0172 | 1 Php | 1 Php | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in openlog function for PHP 4.3.1 on Windows operating system, and possibly other OSes, allows remote attackers to cause a crash and possibly execute arbitrary code via a long filename argument. | |||||
CVE-2002-0556 | 1 Deep Forest Software | 1 Quik-serv Webserver | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Quik-Serv HTTP server 1.1B allows remote attackers to read arbitrary files via a .. (dot dot) in a URL. | |||||
CVE-2003-0565 | 2024-02-04 | 5.0 MEDIUM | N/A | ||
Multiple vulnerabilities in multiple vendor implementations of the X.400 protocol allow remote attackers to cause a denial of service and possibly execute arbitrary code via an X.400 message containing certain unexpected ASN.1 constructs, as demonstrated using the NISSC test suite. | |||||
CVE-1999-1235 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 4.6 MEDIUM | N/A |
Internet Explorer 5.0 records the username and password for FTP servers in the URL history, which could allow (1) local users to read the information from another user's index.dat, or (2) people who are physically observing ("shoulder surfing") another user to read the information from the status bar when the user moves the mouse over a link. | |||||
CVE-2004-1888 | 1 Aborior | 1 Encore Web Forum | 2024-02-04 | 7.5 HIGH | N/A |
display.cgi in Aborior Encore WebForum allows remote to execute arbitrary commands via shell metacharacters in the file variable. | |||||
CVE-1999-1441 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 2.1 LOW | N/A |
Linux 2.0.34 does not properly prevent users from sending SIGIO signals to arbitrary processes, which allows local users to cause a denial of service by sending SIGIO to processes that do not catch it. | |||||
CVE-2002-1256 | 1 Microsoft | 3 Windows 2000, Windows 2000 Terminal Services, Windows Xp | 2024-02-04 | 5.0 MEDIUM | N/A |
The SMB signing capability in the Server Message Block (SMB) protocol in Microsoft Windows 2000 and Windows XP allows attackers to disable the digital signing settings in an SMB session to force the data to be sent unsigned, then inject data into the session without detection, e.g. by modifying group policy information sent from a domain controller. | |||||
CVE-2003-0398 | 1 Vignette | 3 Content Suite, Storyserver, Vignette | 2024-02-04 | 7.5 HIGH | N/A |
Vignette StoryServer 4 and 5, and Vignette V/5 and V/6, with the SSI EXEC feature enabled, allows remote attackers to execute arbitrary code via a text variable to a Vignette Application that is later displayed. | |||||
CVE-2004-2089 | 1 Matrix | 1 Matrix Ftp Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Matrix FTP Server allows remote attackers to cause a denial of service (crash) by logging in using four spaces as the username and password and then issuing a LIST command. | |||||
CVE-2002-1782 | 1 University Of Washington | 1 Uw-imap | 2024-02-04 | 2.1 LOW | N/A |
The default configuration of University of Washington IMAP daemon (wu-imapd), when running on a system that does not allow shell access, allows a local user with a valid IMAP account to read arbitrary files as that user. | |||||
CVE-2001-0722 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 6.4 MEDIUM | N/A |
Internet Explorer 5.5 and 6.0 allows remote attackers to read and modify user cookies via Javascript in an about: URL, aka the "First Cookie Handling Vulnerability." | |||||
CVE-1999-0785 | 1 Isc | 1 Inn | 2024-02-04 | 7.2 HIGH | N/A |
The INN inndstart program allows local users to gain root privileges via the "pathrun" parameter in the inn.conf file. | |||||
CVE-1999-0119 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 10.0 HIGH | N/A |
Windows NT 4.0 beta allows users to read and delete shares. | |||||
CVE-2004-1358 | 1 Sun | 1 Solaris | 2024-02-04 | 5.0 MEDIUM | N/A |
The patches (1) 114332-08 and (2) 114929-06 for Sun Solaris 9 disable the auditing functionality of the Basic Security Module (BSM), which allows attackers to avoid having their activity logged. | |||||
CVE-2002-0600 | 2 Kth, Luke Mewburn | 2 Kth Kerberos, Lukemftp | 2024-02-04 | 7.5 HIGH | N/A |
Heap overflow in the KTH Kerberos 4 FTP client 4-1.1.1 allows remote malicious servers to execute arbitrary code on the client via a long response to a passive (PASV) mode request. | |||||
CVE-2001-0065 | 1 Max-wilhelm Bruker | 1 Bftpd | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in bftpd 1.0.13 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long SITE CHOWN command. | |||||
CVE-2003-0598 | 2024-02-04 | N/A | N/A | ||
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0657. Reason: This candidate is a reservation duplicate of CVE-2003-0657. Notes: All CVE users should reference CVE-2003-0657 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. |